Using a lethal combination of various client side attacks we’ll smash the same origin policy, punch our way through your firewall, and dropkick an Oracle database on your internal network (and we’re NOT talking about SQL Injection!). Although the sophistication of client side attacks has dramatically increased over the last few years, many in the security community continue to dismiss the true dangers of these attacks. These “non-believers” feel that client side attacks are simply limited to HTTP based attacks or “phishing” attacks against careless individuals. This talk will demonstrate some techniques used by attackers to establish a “staging point” on your internal network. This staging point will be used to conduct NON-HTTP based attacks against various services on YOUR internal network. Specific demonstrations include:

Slipping attacks past the Firewall

Establishing a “Staging Point” on the internal network through the use of malicious Java Applets.

Breaking the JVM Same Origin Policy.

Establishing a bi-directional control channel from the attacker to the internal Network.

Initiating a Full Connect port scan of a system on the internal network.

Attacking an SMTP server on the internal network.

Brute forcing the credentials for an Oracle database server located on the internal network.

Attacking an Oracle Database on the internal network, giving the remote attacker the ability to issue SQL queries DIRECTLY to your database via JDBC and read the responses.

About Nathan

Nathan McFeters is a Senior Security Advisor for Ernst & Young’s Advanced Security Center based out of Houston, TX. Nathan has performed web application, deep source code, Internet, Intranet, wireless, dial-up, and social engineering engagements for several clients in the Fortune 500 during his career at Ernst & Young and has served as the Engagement Manager for the ASC’s largest client, leading hundreds of web application reviews this year alone.

Prior to taking the position with Ernst & Young, Nathan paid his way through undergraduate and graduate degrees at Western Michigan University by doing consulting work for Solstice Network Securities, a company co-founded with Bryon Gloden of Arxan, focused on providing high-quality consulting work for clients in the Western Michigan area. Nathan has an undergraduate degree in Computer Science Theory and Analysis from Western Michigan University and a Master of Science degree in Computer Science with an emphasis on Computer Security, also from Western Michigan University.